DownSyn Forum Forum Index DownSyn Forum
Extra Chromosome... Extra Family
 
shoppingShop   Watched TopicsWatched Topics   FAQFAQ   SearchSearch   MemberlistMemberlist   CalendarCalendar  RegisterRegister 
 ProfileProfile   MapMap   Log in to check your private messagesLog in to check your private messages   Log inLog in 
Forum TourForum Tour 

Fake Emails


 
Post new topic   Reply to topic   printer-friendly view       DownSyn Forum Forum Index -> Forum Comments and Ideas
View previous topic :: View next topic  
Author Message
Tom
Administrator


NDSC Attendee

Joined: 22 Jun 2000


Last Visit: 26 Nov 2007
Posts: 2957
Location: Plainview, NY

PostPosted: July 14 2005, 5:35 PM    Post subject:
Reply with quote

I received the email below today. It is not from me or this site. I traced it back to a site provider in Amsterdam. I believe it is an attempt to fish for passwords. Ignore it. The IP address in the email is disguised. It is actually pointing to this IP address: 62.193.220.183

Quote:

Dear Valued Member,

According to our site policy you will have to confirm your account by the following link or else your account will be suspended within 24 hours for security reasons.

http://www.downsyn.com/confirm.php?email=dsfnp@downsyn.com

Thank you for your attention to this question. We apologize for any inconvenience.

Sincerely,Downsyn Security Department Assistant.

_________________
Tom

Dad to Beth (15) and Mikey (10 - Ds and PDD-NOS)
My Blog - Random Thinking


What a difference a haircut makes! Wink
Back to top
View user's profile Send private message [ Hidden ] Visit poster's website Visit poster's blog AIM Address
lespring
Super Member


Joined: 26 Mar 2005


Last Visit: 27 Nov 2007
Posts: 7940
Location: Twin Cities metro area, MN

PostPosted: July 14 2005, 6:24 PM    Post subject:
Reply with quote

WEIRD!!! I can see from fake credit card companies, etc. But from downsyn? C'mon!!!!

_________________
~Leah~

Did you vote for my mom today? http://www.blogforayear.com/profiles/leah

http://www.gardenofeagan.blogspot.com
mom to Noah 20, Tyler 18,Angela 11 (DS)
Back to top
View user's profile Send private message [ Hidden ] Visit poster's blog Yahoo Messenger
Tom
Administrator


NDSC Attendee

Joined: 22 Jun 2000


Last Visit: 26 Nov 2007
Posts: 2957
Location: Plainview, NY

PostPosted: July 14 2005, 8:52 PM    Post subject:
Reply with quote

A little more information for technical folk who are interested. here are the full email headers:

X-Gmail-Received: 8ca716fb8b96fafdbe35ca943ac9df1a4dd2d567
Delivered-To: tgpaul@gmail.com
Received: by 10.36.103.8 with SMTP id a8cs152095nzc;
Thu, 14 Jul 2005 15:13:13 -0700 (PDT)
Received: by 10.54.51.70 with SMTP id y70mr911005wry;
Thu, 14 Jul 2005 15:13:13 -0700 (PDT)
Return-Path: <administrator@downsyn.com>
Received: from downsyn.com (ftp.hs13.order-vault.net [66.70.239.133])
by mx.gmail.com with ESMTP id 29si2262688wrl.2005.07.14.15.13.12;
Thu, 14 Jul 2005 15:13:13 -0700 (PDT)
Received-SPF: neutral (gmail.com: 66.70.239.133 is neither permitted nor denied by best guess record for domain of administrator@downsyn.com)
Received: from hs13.order-vault.net (root@localhost)
by downsyn.com (8.11.6/8.11.6) with ESMTP id j6EMDCY00336
for <dsfnp@downsyn.com>; Thu, 14 Jul 2005 18:13:12 -0400
X-ClientAddr: 12.154.53.41
Received: from downsyn.com ([12.154.53.41])
by hs13.order-vault.net (8.11.6/8.11.6) with ESMTP id j6EMDCg00331
for <dsfnp@downsyn.com>; Thu, 14 Jul 2005 18:13:12 -0400
Message-Id: <200507142213.j6EMDCg00331@hs13.order-vault.net>
From: administrator@downsyn.com
To: dsfnp@downsyn.com
Subject: Important Notification
Date: Thu, 14 Jul 2005 18:13:12 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0006_25F6BCA4.2223F080"
X-Priority: 3
X-MSMail-Priority: Normal


A lot of this is just typical header detail but the interesting this is the highlighted section. That is the actual IP address of the person who sent that email. The line after that is supposed to be the IP address of downsyn.com and it would be if this was a real email from downsyn.com but it isn't. That IP address comes out to be:


OrgName: AVENTIS PHARMACEUTICALS-TEVA NEURO
OrgID: APN-6
Address: 10236 MARION PARK DRIVE
City: KANSAS CITY
StateProv: MO
PostalCode: 64137
Country: US

NetRange: 12.154.53.0 - 12.154.53.255
CIDR: 12.154.53.0/24
NetName: AVENTIS-84-53
NetHandle: NET-12-154-53-0-1
Parent: NET-12-0-0-0-1
NetType: Reassigned
Comment:
RegDate: 2003-07-08
Updated: 2003-07-08

OrgTechHandle: SE287-ARIN
OrgTechName: Engle, Stan
OrgTechPhone: +1-816-966-3250
OrgTechEmail: stan.engle@aventis.com

So whoever sent the email did it from Aventis Pharmaceuticals.

_________________
Tom

Dad to Beth (15) and Mikey (10 - Ds and PDD-NOS)
My Blog - Random Thinking


What a difference a haircut makes! Wink
Back to top
View user's profile Send private message [ Hidden ] Visit poster's website Visit poster's blog AIM Address
klem
Super Member


Joined: 01 Aug 2004


Last Visit: 22 Oct 2007
Posts: 2000
Location: Gadsden, AL

PostPosted: July 14 2005, 8:58 PM    Post subject:
Reply with quote

WOW. Are you going to work on contacting that company? Like shouldn't they be WORKING? Sheesh. I don't know how to feel about that. I'd be happy to help out and make contacts if you don't have the time.

_________________
Kelley, Robby's wife
mom of Daulton, the Mayor ( 10-07-98 ) and Drake, my treasure on loan from God (4-19-04) DS

be sure to check the website www.rockincamel.com and read the news. I post some good articles there from time to time.
Back to top
View user's profile Send private message [ Hidden ] Visit poster's website Visit poster's blog Yahoo Messenger
lespring
Super Member


Joined: 26 Mar 2005


Last Visit: 27 Nov 2007
Posts: 7940
Location: Twin Cities metro area, MN

PostPosted: July 14 2005, 9:39 PM    Post subject:
Reply with quote

HA! Whenever there is "duty" to be done in the name of investigative phone calls, everyone always makes ME do it! LOL

_________________
~Leah~

Did you vote for my mom today? http://www.blogforayear.com/profiles/leah

http://www.gardenofeagan.blogspot.com
mom to Noah 20, Tyler 18,Angela 11 (DS)
Back to top
View user's profile Send private message [ Hidden ] Visit poster's blog Yahoo Messenger
Anita
Senior Member


Joined: 03 May 2005


Last Visit: 05 Oct 2006
Posts: 102

PostPosted: July 15 2005, 3:48 PM    Post subject:
Reply with quote

Tom
we were getting emails saying they were from Aventis at our job that contained a virus.
What was treally bad, is that we do clinical research and we have actually worked with Aventis.

_________________


Back to top
View user's profile Send private message [ Hidden ] Visit poster's website Visit poster's blog
Tom
Administrator


NDSC Attendee

Joined: 22 Jun 2000


Last Visit: 26 Nov 2007
Posts: 2957
Location: Plainview, NY

PostPosted: July 15 2005, 4:05 PM    Post subject:
Reply with quote

It's possible that someone has found a way to hack into the computers at Aventis so this may not be a person at Aventis doing this.

_________________
Tom

Dad to Beth (15) and Mikey (10 - Ds and PDD-NOS)
My Blog - Random Thinking


What a difference a haircut makes! Wink
Back to top
View user's profile Send private message [ Hidden ] Visit poster's website Visit poster's blog AIM Address
** Hannah's mom ** UK
Super Moderator


Joined: 03 Jun 2004


Last Visit: 27 Nov 2007
Posts: 6732
Location: West Midlands UK

PostPosted: August 01 2005, 7:48 PM    Post subject:
Reply with quote

well if its any consolations we had one of those emails here in the UK concerning our own support group website

I thought hey up I haven't sent my self that email

I have no idea how they sent it but it was very similar to that and then they sent another one saying I had sent so many emails from my support group website and the account would be deactivated if i didn't click on the link

needless to say I didn't click on the link, cos I knew i hadn't sent it

_________________
Jo mummy to Hannah (DS ) who was 4 in July 05,Rebecca who was 3 in Jan 07 and Rachel born 6th April 2006


My beautiful girls



Please visit Hannah's webpage read all about her journey
Hannah's Video


Back to top
View user's profile Send private message [ Hidden ] Visit poster's website Visit poster's blog
Display posts from previous:   
Post new topic   Reply to topic   printer-friendly view       DownSyn Forum Forum Index -> Forum Comments and Ideas All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot post calendar events in this forum
Click above to help support this site
 



Down Syndrome: For New Parents

Google
Web www.downsyn.com

Powered by phpBB © 2001, 2007 phpBB Group :: Spelling by SpellingCow.